CVE-2019-20504
CVE-2019-20504 affects Quest/KACE K1000 SMA prior to 6.4 SP3 (6.4.120822). The vulnerability is in service/krashrpt.php, where shell metacharacters in the kuid parameter enable remote code execution. Impact is unauthenticated, full server compromise with high secrecy/integrity/availability impact...